Kaspersky Claims Drive-by Downloads Present High Risk to Users

Security firm 'Kaspersky' has recently published its report of top ten malware, according to which, Internet users still download drive-by downloads. The company indicates that it is clear that cyber criminals employ various advanced drive-by downloads for infecting victims' computers.

Kaspersky states in its report that as an e-threat characterized with drive-by download, Gumblar.a is the top malware for June 2009. This malware, which is a tiny encrypted script, diverts an end-user to a malicious Internet site where security flaws are exploited so that a malicious executable file can be downloaded from the site on his computer.

Subsequently, when the executable is installed, it influences the web traffic of the end-user by resetting search results from Google. As per Kaspersky, it further scans the PC to find passwords for accessing FTP servers so that the servers could be infected.

However, this helps cyber criminals to create a botnet of the infected servers with which any malicious program could be downloaded on other compromised PCs. While there are already numerous infected servers, the e-threat is found to be spreading incessantly to other unsecured PCs.

Another significant drive-by download that Kaspersky detected for June 2009 is LuckySploit.q a Trojan downloader malware.

Security researchers at the company explain that being a highly obfuscated program, LuckySploit.q harvests data related to browser configuration from a hijacked PC. It encrypts that data with the help of an RSA key and eventually forwards it to a malevolent site.

In addition, the security company discovered that numerous malicious programs exploit loopholes in software manufactured by leading vendors. The existence of attack codes like Exploit.JS.Pdfka.gu, Exploit.SWF.Agent.az, Exploit.JS.Pdfka.lr and Trojan-Clicker.SWF.Small.b within the report has confirmed the fact that Adobe Reader and Adobe Flash Player are both popular and vulnerable.

Flaws in Microsoft software are also being abused, as Trojan-Downloader.JS.Major.c tries to take advantage of quite a few flaws affecting various Microsoft Office and Windows components.

Lastly, Kaspersky listed the countries which topped in online computer infections. These are successively China at 56.4%, Russia (5.9%), US (4.8%), India (3.3%) and Brazil (2.02%).

Related article: Kaspersky Released Malware Statistics for September 2008

» SPAMfighter News - 7/17/2009